import jsonwebtoken from 'jsonwebtoken';

/**
 * Generates a JWT for Tiptap collaboration.
 * @param {object} options - The options for generating the token.
 * @param {string} options.sub - The user identifier.
 * @param {string[]} options.allowedDocumentNames - The names of the documents the user is allowed to edit.
 * @param {string[]} [options.readonlyDocumentNames] - The names of the documents the user can only read.
 * @returns {string} The generated JWT.
 */
export function generateJwt({ sub, allowedDocumentNames, readonlyDocumentNames }) {
  const secret = process.env.TIPTAP_APP_SECRET;

  if (!secret) {
    throw new Error('TIPTAP_APP_SECRET is not defined in environment variables.');
  }

  const payload = {
    sub,
    allowedDocumentNames,
  };

  if (readonlyDocumentNames) {
    payload.readonlyDocumentNames = readonlyDocumentNames;
  }

  return jsonwebtoken.sign(payload, secret, { expiresIn: '7d' });
} 